Terminal device having subscriber identity device and method for selecting profile thereof

ABSTRACT

A terminal device having a subscriber identity device and a method for selecting a profile thereof, are disclosed. A mobile communication terminal device comprises: a subscriber identity module including a profile, a network authenticator which performs an authentication procedure for a communication network on the basis of a provisioning profile among profiles, and which receives authentication completion information from an operator server of the communication network; and a network access unit which accesses the communication network on the basis of the authentication completion information, and which receives a service from the operator server on the basis of an operational profile corresponding to an operator of the communication network among the profiles.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a National Stage application of International PatentApplication No. PCT/KR2013/009954, filed on Nov. 5, 2013, which claimsthe benefit of Korean Patent Application Nos. 10-2012-0124606, filed onNov. 6, 2012, and Korean Patent Application No. 10-2013-0133421, filedon Nov. 5, 2013, the disclosures of which are incorporated herein intheir entirety by reference.

BACKGROUND

1. Technical Field

Methods and apparatuses consistent with exemplary embodiments relate toa method of selecting a profile stored in an embedded universalintegrated circuit (IC) card, a terminal device having a subscriberidentity device, and more particularly, to a configuration of attributeinformation of the profile and a procedure of a terminal deviceselecting a specific profile using the attribute information.

2. Description of Related Art

A universal integrated circuit card (UICC) is a smart card that may beinserted into a terminal and used as a module for authenticating a userwith a mobile communication network to which the user has subscribed. AUICC may store network information (e.g., international mobilesubscriber identity, home public land mobile network, etc.) regarding amobile network operator (MNO) (hereinafter also referred to as anoperator), user information (e.g., short message service), and aphonebook. A UICC for Global System for Mobile communications (GSM) maybe called a subscriber identity module (SIM) card, and a UICC forWideband Code Division Multiple Access (WCDMA) or Long Term Evolution(LTE) may be called a universal subscriber identity module (USIM).

Network Access Applications (NAAs), which are applications used toaccess several networks of several operators, may be included in a UICC.

When a user installs a UICC in the user's terminal, user authenticationis automatically performed with a mobile communication network to whichthe user has been subscribed, and thus the user may conveniently receivea mobile communication service through the terminal. In addition, theuser may easily replace his/her terminal by removing a UICC from an oldterminal and installing the UICC in a new terminal. When a user intendsto change MNOs, the user may simply perform the change by replacing aUICC removed from an existing terminal with that of a desired MNO.

Furthermore, the user may simply change MNOs by replacing the UICC withthat of the desired MNO and then use his/her terminal. That is, in anexisting UICC environment, a SIM profile properly prepared forrequirements of the MNO is embedded in a separate card and distributedindependently of the terminal. In order to subscribe to a service of aspecific MNO, a user purchases a terminal and a UICC, inserts the UICCinto the terminal, activates the terminal according to an activationprocedure predetermined by the MNO, and then uses the terminal.

An embedded UICC (hereinafter referred to as eUICC) structure has beenproposed to provide the same service as the removable UICC when it isdifficult for the user to remove the UICC from the terminal. Such canoccur in a terminal that requires minimization. For example, in amachine to machine (M2M) terminal having a structure in which a UICC isinstalled it may be difficult to replace the UICC, or it may bedifficult to replace the UICC when the UICC is provided as a chip in aterminal integration structure rather than in a removable structuresince the UICC requires high heat and shock tolerances, compared to anexisting UICC having a removable plastic structure.

The eUICC provides a network access authentication function similar tothe existing removable UICC. However, network accesses of severaloperators should be able to be processed using one eUICC because of adifference in physical structure. Furthermore, there are many issuessuch as eUICC activation/distribution/subscriber information securityand thus solutions for the issues need to be provided. In order to solvethis, international standardization organizations such as GroupeSpeciale Mobile Association (GSMA) and European TelecommunicationsStandards Institute (ETSI) have developed standardization activities ona necessary element including a top structure together with relatedcompanies such as a network operator, a manufacturer, a SIM vendor, etc.

In ETSI, a working group (WG) for establishing an eUICC standard isactive, and requirements are currently being established to define amodule that is called a ‘profile’ to personalize an application for anetwork access authentication function of several operators, such thatthe profile may be remotely installed to the eUICC and managed. Inaddition, a management policy and an application solution of the profileare being discussed, but detailed solutions are not defined yet.

Since details related to profile management of the eUICC are notdefined, an eUICC card manufacturer, a terminal manufacturer, and aneco-system operator have many difficulties in developing andcommercializing the eUICC. Furthermore, until now, when one or moreprofiles are installed in the eUICC, a procedure for selecting aspecific profile or attribute information regarding profiles needed forthe selection is not defined in detail, thus there are difficulties inimplementing relevant functions.

Even in a global standard, only the profiles are merely defined, anddetailed methods about how the eUICC can provide information to be usedto select a specific profile are not discussed; for example, the globalstandard may only define a profile type (e.g., a provisioning profileand an operational profile), a profile provider (or operator), and aprofile state (activation or deactivation) and how the terminal canacquire corresponding information, that is, information for selecting aspecific profile to select the specific profile. Accordingly, a methodof defining and implementing how profile attribute information such as aprofile type (e.g., provisioning profile and an operational profile), aprofile provider (or operator), and a profile state (activation ordeactivation) that are stored in the eUICC is configured and how themobile communication terminal can select a specific profile using theprofile attribute information is required.

SUMMARY

Exemplary embodiments are directed to a configuration of attributeinformation regarding profiles stored in an eUICC and a procedure of aterminal when the eUICC selects a specific profile.

Exemplary embodiments are also directed to storing, in a terminaldevice, profiles for authenticating and accessing mobile communicationnetworks provided by many mobile network operators and selecting aprofile from among the stored profiles, if necessary, to performauthentication and access to receive services provided by the mobilecommunication network operators.

Exemplary embodiments are also directed to a subscriber identity deviceand a terminal device having the subscriber identity device embeddedtherein.

One aspect of the exemplary embodiments provides a mobile communicationterminal device including a subscriber identity module having at leastone or more profiles, a network authenticator configured to perform anauthentication procedure for a communication network based on aprovisioning profile among the at least one or more profiles and receiveauthentication completion information from an operator server of thecommunication network, and a network communicator configured to accessthe communication network based on the authentication completioninformation and receive a service from the operator server based on anoperational profile corresponding to an operator of the communicationnetwork among the at least one or more profiles.

The mobile communication terminal device may further include a profileselector configured to select the provisioning profile and theoperational profile based on an elementary file including attributeinformation related to the at least one or more profiles.

The attribute information may include an application identifier foridentifying the at least one or more profiles.

The application identifier may comprise a registered applicationprovider identifier (RID) and a proprietary application identifierextension (PIX), and the proprietary application identifier extension(PIX) may include at least one from among an application code, a countrycode, an application provider code, and an application provider fieldoption.

The application code may include classification information forclassifying types of the at least one or more profiles.

The types of the at least one or more profiles may include aprovisioning profile type, an operational profile type, and anoperational profile type containing data of the provisioning profile.

Another aspect of the exemplary embodiments provides a subscriberidentity device embedded in a mobile communication terminal device thataccesses a communication network using at least one or more profiles,the subscriber identity device including a first storage configured tostore at least one provisioning profile having authenticationinformation related to the communication network; a second storageconfigured to store at least one operational profile having serviceaccess information used to receive a service of the communicationnetwork, and an elementary file storage configured to store anelementary file having attribute information related to the at least oneprofile used to select at least one profile.

The subscriber identity device may further include a third storageconfigured to store at least one user profile having user information ofthe mobile communication terminal device.

The at least one provisioning profile and the at least one operationalprofile may be selected based on the elementary file including attributeinformation related to the at least one or more profiles.

The attribute information may include application identifierinformation, application label information, and application stateinformation for any profile among the at least one or more profiles.

The application identifier information may include an applicationidentifier (AID) for identifying any profile, and the applicationidentifier may comprise a registered application provider identifier(RID) and a proprietary application identifier extension (PIX).

The proprietary application identifier extension may include at leastone from among an application code, a county code, an applicationprovider code, and an application provider field option.

The application code may comprise classification information forclassifying types of the at least one or more profiles.

The types of the at least one or more profiles may include aprovisioning profile type, an operational profile type, and anoperational profile type containing data of a provisioning profile.

Still another aspect of exemplary embodiments provides a method ofaccessing a communication network using at least one or more profilesincluded in a subscriber identity module, the method includingperforming an authentication procedure for the communication networkbased on a provisioning profile among the at least one or more profilesand receiving authentication completion information from an operatorserver of the communication network; and accessing the communicationnetwork based on the authentication completion information and receivinga service from the operator server based on an operational profilecorresponding to an operator of the communication network among the atleast one or more profiles.

The method may further include, before the receiving of theauthentication completion information, selecting the provisioningprofile and the operational profile based on an elementary fileincluding attribute information related to the at least one or moreprofiles.

The attribute information may comprise an application identifier foridentifying the at least one or more profiles.

The application identifier may comprise a registered applicationprovider identifier (RID) and a proprietary application identifierextension (PIX), and the proprietary application identifier extension(PIX) may comprise at least one from among an application code, acountry code, an application provider code, and an application providerfield option.

The application code may comprise classification information forclassifying types of the at least one or more profiles.

The types of the at least one or more profiles may include aprovisioning profile type, an operational profile type, and anoperational profile type containing data of a provisioning profile.

With the terminal device having the subscriber identity device embeddedtherein and the method of selecting a profile according to an exemplaryembodiment, the terminal device can acquire attribute informationrelated to profiles stored in an eUICC, select a specific profile usingthe attribute information, and access a mobile communication networkusing the selected profile to receive a relevant service.

Through the device and method, advantageously, a user of the terminaldevice can simply change his/her operator network to access networks ofseveral mobile network operators and receive a variety of relatedservices.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a conceptual view illustrating an environment of a mobilecommunication terminal device and a mobile network operator serveraccording to an exemplary embodiment.

FIG. 2 is a conceptual view illustrating a mobile communication terminaldevice and its elements according to an exemplary embodiment.

FIG. 3 is a block diagram illustrating a subscriber identity moduleembedded in a mobile communication terminal device and informationstored therein according to another exemplary embodiment.

FIG. 4 is a conceptual view illustrating an application tag, length, andvalue (TLV) object among profile attribute information according to anexemplary embodiment.

FIG. 5 is a block diagram illustrating an application identifier and itsconfiguration information according to an exemplary embodiment.

FIG. 6 is an exemplary view showing an example of a value of anapplication identifier for each profile according to an exemplaryembodiment.

FIG. 7 is a block diagram illustrating a subscriber identity device andits elements according to an exemplary embodiment.

FIG. 8 is a flowchart illustrating a method of selecting a profile of aterminal device having a subscriber identity device embedded thereinaccording to an exemplary embodiment.

DETAILED DESCRIPTION

While the exemplary embodiments are susceptible to various modificationsand alternative forms, specific embodiments thereof are shown by way ofexample in the drawings and will herein be described in detail. However,it should be understood that the present invention is not limited tothese exemplary embodiments, and may include any and all modification,variations, equivalents, substitutions and the like within the spiritand scope thereof. Like reference numerals refer to like elementsthroughout.

Relational terms such as first, second, and the like may be used fordescribing various elements, but the elements should not be limited bythe terms. These terms are only used to distinguish one element fromanother. For example, a first component may be called a secondcomponent, and a second component may also be called a first componentwithout departing from the scope of the present invention. The term‘and/or’ means any one or a combination of a plurality of related anddescribed items.

When it is mentioned that a certain component is “coupled with” or“connected with” another component, it should be understood that thecertain component is directly “coupled with” or “connected with” to theother component or a further component may be located therebetween. Incontrast, when it is mentioned that a certain component is “directlycoupled with” or “directly connected with” another component, it will beunderstood that a further component is not located therebetween.

The terms used in the present specification are set forth to explain theexemplary embodiments, and the scope of the present invention is notlimited thereto. The singular number includes the plural number as longas they are not apparently different from each other in meaning. In thepresent specification, it will be understood that the terms “have,”“comprise,” “include,” and the like are used to specify the presence ofstated features, integers, steps, operations, elements, and/orcomponents, but do not preclude the presence or addition of one or moreother features, integers, steps, operations, elements, components,and/or groups thereof.

Unless otherwise defined, all terms (including technical and scientificterms) used herein have the same meaning as commonly understood by oneof ordinary skill in the art to which this invention belongs. Terms suchas terms that are generally used and have been in dictionaries should beconstrued as having meanings matched with contextual meanings in theart. In this description, unless defined clearly, terms are not ideally,excessively construed as formal meanings.

First, terms used herein may be described as follows. Also, the termsdescribed below are defined with consideration of the functions in thepresent invention, and thus may vary depending on intentions of aclient, an operator, or a user, or precedents. Accordingly, thedefinition would be made on the basis of the whole specification.

The term ‘operator’ used herein denotes a mobile network operator (MNO).

A subscriber identity module or subscriber identity device is anembedded UICC (eUICC) or embedded SIM (eSIM), and means an eSIM that isintegrally installed upon manufacturing of the terminal, unlike anexisting removable UICC.

The term ‘embedded UICC (eUICC)’ or ‘embedded SIM’ means an embedded SIMintegrally installed when the terminal is manufactured, unlike anexisting removable UICC.

A SIM denotes a subscriber identification module, and a SIM profilemeans a specific group (set) of information parameter values included inthe SIM. The term ‘profile’ used herein denotes such a SIM profile.Files that may be stored in an embedded UICC, that is, a master file(MF), a dedicated file (DF), an application dedicated file (ADF), anelementary file (EF), and a credential are collectively defined as theprofile.

The term ‘terminal’ used herein is referred to as a mobile station (MS),a user equipment (UE), a user terminal (UT), a wireless terminal, anaccess terminal (AT), a subscriber unit (SU), a subscriber station (SS),a wireless device, a wireless communication device, a wirelesstransmit/receive unit (WTRU), a mobile node, a mobile device, or thelike. Various embodiments of the terminal may include a cellular phone,a smart phone with a wireless communication function, a personal digitalassistant (PDA) with a wireless communication function, a wirelessmodem, a portable computer with a wireless communication function, animaging apparatus such as a digital camera with a wireless communicationfunction, a gaming apparatus with a wireless communication function, ahome appliance for storing and playing music files with a wirelesscommunication function, an Internet home appliance capable of wirelessInternet connection and browsing as well as portable units or terminalsincorporating combinations of the functions.

In addition, the terminal may include, but is not limited to, amachine-to-machine (M2M) terminal and a machine type communication (MTC)terminal/device.

In addition, each block or step described herein may indicate a portionof a module, segment, or code including one or more executableinstructions for executing a specific logical function(s). In addition,in some exemplary embodiments, it should be recognized that thefunctions described in the blocks or steps can be performed in adifferent order. For example, two successively illustrated blocks orsteps may be actually performed at the same time or may be performed inreverse order depending on the corresponding function.

Exemplary embodiments will be described below in more detail withreference to the accompanying drawings. In describing the exemplaryembodiments, in order to facilitate the entire understanding of theexemplary embodiments, like numbers refer to like elements throughoutthe description of the figures and the repetitive description thereofwill be omitted.

FIG. 1 is a conceptual view illustrating an environment of a mobilecommunication terminal device 200 and a mobile network operator server100 according to an exemplary embodiment.

Referring to FIG. 1, a wireless communication network including a mobilecommunication network that is referred to as 3rd Generation (3G), LongTerm Evolution (LTE), Long Term Evolution Advanced (LTE-A), or the likeis operated by mobile network operators. Each operator may own awireless communication network that may provide its own service, andusers may access the wireless communication network of each operatorthrough the mobile communication terminal device 200 to receive aservice.

Users may access the wireless communication network of the operator,from which the users desire to receive a service, through the terminaldevice 200 that is provided by the operator or by inserting a UICCprovided by the operator into the terminal device 200. As the method ofaccessing the wireless communication network through the UICC providedby the operator, a method of using an eUICC embedded in the terminaldevice 200 is allowed as described above.

FIG. 2 is a conceptual view illustrating a mobile communication terminaldevice 200 and its elements according to an exemplary embodiment, andFIG. 3 is a block diagram illustrating a subscriber identity module 500embedded in the mobile communication terminal device 200 and informationstored therein according to another exemplary embodiment.

Referring to FIGS. 2 and 3, the mobile communication terminal device 200may be configured to include a subscriber identity module 500 includingat least one or more profiles 511, 521, 522, and 531, a networkauthentication unit 210 (“network authenticator”) configured to performan authentication procedure on a communication network based on aprovisioning profile 511 among the at least one or more profiles 511,521, 522, and 531 and receive authentication completion information fromthe operator server 100 of the communication network, and a networkaccess unit 220 (“network communicator”) configured to access thecommunication network based on the authentication completion informationand receive a service from the operator server 100 based on anoperational profile 521 or 522 corresponding to the operator of thecommunication network among the at least one or more profiles 511, 521,522, and 531.

The mobile communication terminal device 200 may perform userauthentication with and access to the mobile communication network usingprofiles 511, 521, 522, and 531 of an eUICC 500 and also use the eUICC500 as a storage space for user information (for example, a shortmessage service, a multimedia message service, phonebook, etc.).

The profile may be classified into a provisioning file 511, anoperational profile 521 or 522, a user profile 531, and so on. Theprovisioning profile 511 denotes a file that provides informationnecessary for authentication of the mobile communication network inorder to support MNO activation when the eUICC 500 is not activated withthe mobile communication network operator. In this case, the mobilecommunication network may be a network of any unspecified MNO or anetwork of a predetermined MNO. The eUICC 500 may include one or moreprovisioning profiles 511. Alternatively, there may be an eUICC 500 thatdoes not include the provisioning profile 511. The terminal device 200may perform an authentication procedure for a specific mobilecommunication network operator using authentication information storedin the provisioning profile 511 to receive service activation andreceive authentication completion information for the serviceactivation.

The operational profile 521 or 522 denotes a file that provides MNOnetwork access information in order to access the MNO network to receivea service after the eUICC 500 is activated with the MNO. The eUICC 500may include one or more operational profiles 521 and 522. If aprovisioning profile 511 is not in the eUICC, the operational profile521 or 522 may serve as the provisioning profile 511. The terminaldevice 200 may access a specific mobile communication network operatorusing access information stored in the operational profile 521 or 522 toreceive a service of the operator.

There are a plurality of provisioning profiles 511, operational profiles521 and 522, and user profiles 531 in the eUICC 500, and the terminalmay select a specific profile from among the profiles according to thepurpose.

The mobile communication terminal device 200 may be configured tofurther include a profile selection unit 230 (“selector”) configured toselect the provisioning profile 511 and the operational profile 521 or522 based on an elementary file 541 including attribute informationrelated to the at least one or more profiles 511, 521, 522, and 531.

The profile selection unit 230 may select the profile with reference tothe profile attribute information in the elementary file 541 stored inthe subscriber identity module 500. The elementary file 541 may includean application identifier 542 corresponding to the profile and also anyother information defining the profile. The other information may bedivided in units of objects and defined as a tag, a length, a value, orthe like in order to determine a specification for mobile communication.

A function of each of the objects constituting the attribute informationand a structure of the elementary file 541 will be described below.

FIG. 4 is a conceptual view illustrating an application tag, length, andvalue (TLV) object among profile attribute information according to anexemplary embodiment, and FIG. 5 is a block diagram illustrating anapplication identifier 542 and its configuration information. Inaddition, FIG. 6 is an exemplary view showing an example of a value ofthe application identifier 542 for each profile.

Referring to FIGS. 4 to 6, the attribute information may include anapplication identifier 542 that may be used to identify at least oneprofile 511, 521, 522, or 531, and the application identifier 542 may becomposed of a registered application provider identifier (RID) 543 and aproprietary application identifier extension (PIX) 544.

In addition, the proprietary application identifier extension (PIX) 544may include at least one of an application code, a country code, anapplication provider code, and an application provider field option.

Further referring to FIG. 3, which has been referred, the provisioningfile 511 and the operational profiles 521 and 522 may be configured inthe form of one or more application dedicated files (ADFs), as shown inFIG. 3. The ADF may store contents of a profile and information that maymatch an application identifier (AID) 542 among the attributeinformation stored in the elementary file 541.

In FIG. 3, reference number 511 may indicate a provisioning profilecomposed of one Application Dedicated File for the Universal SubscriberIdentity Module (ADFUSIM) for accessing a WCDMA or LTE network,reference number 521 may indicate an MNO#1 operational profile composedof an ADFUSIM for accessing a WCDMA or LTE network and an ApplicationDedicated File for the International Mobile Subscriber Identity(ADFISIM) for accessing an IP multimedia subsystem (IMS) network, andreference number 522 may indicate an MNO#2 operational profile composedof an ADFUSIM for accessing a WCDMA or LTE network. FIG. 3 is merely oneexemplary embodiment, and the number of profiles and the type of thenetwork in FIG. 3 are only one example of many possible configurations.

An initial eUICC 500 may include an ADF for the provisioning profile 511and an ADF for the operational profile 521 or 522 that serves as theprovisioning profile 511. An ADF for one or more MNO operationalprofiles 521 and 522 may be added by accessing a mobile communicationnetwork through the provisioning profile 511 or the operational profile521 or 522 serving as the provisioning profile 511, which is included inthe initial eUICC. In addition, an ADF for a new provisioning profile511 may be added.

The eUICC 500 may provide an application identifier (AID) 542 forselecting a profile to the terminal device 200 and include informationthereof in the an elementary file 541. Here, it should be noted that thesubscriber identity module 500 may selectively include one or more ofthe elementary provisioning profile 511, an MNO#1, operational profile521, and an MNO#2 operational profile 522, but need not necessarilyinclude all of the profiles. That is, the elementary file (EFDIR,Elementary File Directory) 541 of FIG. 3 may include one or more of AID#1 to AID #4, and thus one or more of the ADF files that are indicatedby the AIDs.

Referring to FIG. 4, the elementary file 541 may be a means forproviding the application identifier 542, which may include one or moreapplication template tag, length, and value (TLV) objects. Theapplication template TLV object may include application identifierinformation, application label information, and application stateinformation.

An application identifier TLV object, an application label TLV object,and an application state TLV object of FIG. 4 reflect objects of theapplication identifier information, the application label information,and the application state information, respectively.

The application identifier TLV object may include the applicationidentifier information. The application identifier value 542 may becomposed of a registered application provider identifier (RID) 543 and aproprietary application identifier extension (PIX) 544 and may be up to16 bytes in length. For example, the registered application provideridentifier 543 may have a hexadecimal value of ‘A000000009’ in ETSI, ahexadecimal value of ‘A000000087’ in 3GPP, and a hexadecimal value of‘A000000343’ in 3GPP2.

The proprietary application identifier extension (PIX) 544 is a part ofthe application identifier value 542 that includes proprietaryinformation, which may include at least one of an application code, acountry code, an application provider code, and an application providerfield option.

The application code of the proprietary application identifier extension(PIX) 544 may include classification information that may classify typesof the at least one or more profiles 511, 521, 522, and 531, and thetypes of the at least one or more profiles may include a provisioningprofile 511 type, an operational profile 521 or 522 type, and anoperational profile 521 or 522 type containing data of the provisioningprofile 511.

The application code of the proprietary application identifier extension(PIX) 544 may include profile type information, that is, informationindicating a provisioning profile 511 or any one of operational profiles521 and 522. In addition, the application code may include informationindicating a case in which the operational profile 521 or 522 is alsoused as the provisioning profile 511. In addition, the application codemay define the profile type information and other information together.For example, any application code may define that the profile type isthe provisioning profile 511 and a network access application (NAA) is aUSIM.

The country code and the application provider code may include a countrycode and a provider (or operator) code of a provider of a correspondingprofile. The terminal may recognize ADFs that are composed of the sameprofile type, country code, and application provider code as oneprofile. However, an ADF being the operational profile 521 or 522provided as the provisioning profile 511 may be considered as theoperational profile 521 or 522 although the application code value maybe different from an application code value of the ADF provided as theoperational profile 521 or 522.

The application provider field option may include profile typeinformation, that is, information indicating a provisioning profile 511or any one of operational profiles 521 and 522. In addition, theapplication code may include information indicating a case in which theoperational profile 521 or 522 is also used as the provisioning profile511. In addition, the application provider field option may define theprofile type information and other information together.

An example in which the application identifier value 542 is defined willbe described with reference to FIG. 6. Accordingly, when ‘0201’ isallocated by ETSI as an application code for the eUICC provisioningprofile 511, the country code is assumed as ‘FF82,’ and the providercode is assumed as ‘FF3089,’ the application identifier value 542 may bedefined in the first row of FIG. 6.

When ‘0202’ is allocated by ETSI as an application code for the eUICCoperational profile 521 or 522, the country code is assumed as ‘FF82,’and the provider code is assumed as ‘FF3089,’ the application identifiervalue 542 may be defined in the second row.

When ‘0203’ is allocated by ETSI as an application code for the eUICCoperational profile 521 or 522 that is used as the provisioning profile511, the country code is assumed as ‘FF82,’ and the provider code isassumed as ‘FF3089,’ the application identifier value 542 may be definedin the third row.

When ‘0202’ is allocated by ETSI as an application code for the eUICCoperational profile 521 or 522, the country code is assumed as ‘FF82,’the provider code is assumed as ‘FF3089,’ and ‘1xxxxxxx’ (“x” is anyvalue) is allocated in the application provider field option asinformation for a case in which the eUICC operational profile 521 or 522is used as the provisioning profile, the application identifier value542 may be defined in the fourth row.

FIG. 7 is a block diagram illustrating a subscriber identity device 500and its elements according to an exemplary embodiment.

Referring to FIG. 7, the subscriber identity device 500 embedded in themobile communication terminal device 200 that accesses a communicationnetwork using at least one or more profiles 511, 521, 522, and 531 maybe configured to include a first storage unit 510 configured to store atleast one provisioning profile 511 having authentication informationregarding a communication network, a second storage unit 520 configuredto store at least one operational profile 521 or 522 having serviceaccess information used to receive a service of the communicationnetwork, and an elementary file storage unit 540 configured to store anelementary file 541 having attribute information related to the at leastone profile used to select at least one profile.

The subscriber identity device 500 may be a subscriber identity module500 in which a UICC is embedded. The first storage unit 510 that storesthe provisioning profile 511, the second storage unit 520 that storesthe operational profile 521 or 522, and the elementary file storage unit540 that stores the elementary file 541 are logical division units,which may be stored in the same place or different places. Theprovisioning profile 511, the operational profile 521 or 522, and theelementary file 541 has been described above, and thus will not berepeatedly described.

The subscriber identity device 500 may be configured to further includea third storage unit 530 that stores at least one user profile 531having user information of the mobile communication terminal device 200.

The subscriber identity device 500 may be used as a storage space of theuser information (e.g., a short message service, a multimedia messageservice, a phonebook, etc.). The third storage unit may also be alogical division unit, and thus may be actually stored in the same ordifferent place.

The subscriber identity device 500 may select the provisioning profileand the operational profile based on the elementary file which includesthe attribute information related to at least one or more profiles, andthe attribute information may include application identificationinformation, application label information, and application stateinformation for any profile among the at least one or more profiles 511,521, 522, and 531.

Continuing to refer back to FIG. 4, which has been described above, theelementary file 541 may be a means for providing the applicationidentifier 542, which may include one or more application template tag,length, and value (TLV) objects. The application template TLV object mayinclude application identifier information, application labelinformation, and application state information.

An application identifier TLV object, an application label TLV object,and an application state TLV object of FIG. 4 reflect objects of theapplication identifier information, the application label information,and the application state information, respectively. The applicationidentifier information has been described above and thus will not berepeatedly described.

FIG. 8 is a flowchart illustrating a method of selecting a profile of aterminal device 200 having a subscriber identity device 500 embeddedtherein according to an exemplary embodiment.

Referring to FIG. 8, a network access method of the mobile communicationterminal device 200, which is a method of accessing a communicationnetwork using at least one or more profiles 511, 521, 522, and 531included in the subscriber identity module 500, may be configured toinclude performing an authentication procedure on the communicationnetwork based on a provisioning profile 511 among the at least one ormore profiles 511, 521, 522, and 531 (S870), receiving authenticationcompletion information from an operator server 100 of the communicationnetwork (S880), and accessing the communication network based on theauthentication completion information (S890) and receiving a servicefrom the operator server 100 based on an operational profile 521 or 522corresponding to the operator of the communication network among the atleast one or more profiles 511, 521, 522, and 531 (S895).

The mobile communication terminal device 200 may perform userauthentication with and access to the mobile communication network usingprofiles 511, 521, 522, and 531 of an eUICC 500 and also use the eUICC500 as a storage space for user information (for example, a shortmessage service, a multimedia message service, phonebook, etc.).

The profile may be classified into a provisioning file 511, anoperational profile 521 or 522, a user profile 531, and so on. Theprovisioning profile 511 denotes a file that provides informationnecessary for authentication of the mobile communication network inorder to support MNO activation when the eUICC 500 is not activated withthe mobile communication network operator. In this case, the mobilecommunication network may be a network of any unspecified MNO or anetwork of a predetermined MNO. The eUICC 500 may include one or moreprovisioning profiles 511. Alternatively, there may be an eUICC thatdoes not include the provisioning profile 511. The terminal device 200may perform an authentication procedure for a specific mobilecommunication network operator using authentication information storedin the provisioning profile 511 (S870) to receive service activation andreceive authentication completion information for the service activation(S880).

The operational profile 521 or 522 denotes a file that provides MNOnetwork access information in order to access the MNO network to receivea service after the eUICC 500 is activated with the MNO. The eUICC 500may include one or more operational profiles 521 and 522. If aprovisioning profile 511 is not in the eUICC 500, the operationalprofile 521 or 522 may serve as the provisioning profile 511. Theterminal device 200 may access a specific mobile communication networkoperator using access information stored in the operational profile 521or 522 (S890) to receive a service of the operator (S895).

There are a plurality of provisioning profiles 511, operational profiles521 and 522, and user profiles 531 in the eUICC 500, and the terminaldevice 200 may select a specific profile from among the profilesaccording to the operation (S850).

The network access method of the mobile communication terminal device200 may be configured to further include, before receiving theauthentication completion information (S880), selecting the provisioningprofile 511 and the operational profile 521 or 522 based on anelementary file 541 including attribute information related to the atleast one or more profiles 511, 521, 522, and 531 (S850).

The terminal device 200 may select an elementary file 541 (ElementaryFile Directory (EFDIR)) of the eUICC 500 (S810) and read a correspondingvalue to acquire application template TLV object information. Inaddition, a specific profile may be selected utilizing the applicationcode included in the application template TLV object information toclassify the profile type (the provisioning profile, the operationalprofile 521 or 522, and operational profile 521 or 522 simultaneouslyserving as the provisioning profile), utilizing the country code and theapplication provider code to classify the profile provider, utilizingthe application provider field option to classify the operationalprofile 521 or 522 that may serve as the provisioning profilesimultaneously, utilizing the application label as information relatedto profile text names, and utilizing the application state as theprofile state information (S850).

Continuing to refer back to FIG. 2, which has been described above, theprofile selection step (S850) may select the profile with reference tothe profile attribute information in the elementary file 541 stored inthe subscriber identity module 500. The elementary file 541 may includean application identifier 542 corresponding to the profile and also anyother information defining the profile. The other information may bedivided in units of objects and defined as a tag, a length, a value, orthe like in order to determine a specification for mobile communication.A function of each object that constitutes the attribute information anda structure of the elementary file 541 have been described above.

The attribute information may include the application identifier 542which may identify the at least one or more profiles 511, 521, 522 and531, the application identifier 542 may be composed of a registeredapplication provider identifier 543 and a proprietary applicationidentifier extension 544, and the proprietary application identifierextension 544 may include at least one of an application code, a countrycode, an application provider code, and an application provider fieldoption.

Continuing to refer back to FIG. 3, which has been described above, theprovisioning profile 511 and the operational profile 521 or 522 storedin the eUICC 500 may be configured in the form of one or moreapplication dedicated files (ADFs), as shown in FIG. 3. The ADF maystore contents of a profile and information that may match anapplication identifier 542 among the attribute information stored in theelementary file 541. Various exemplary embodiments and detaileddescription of a configuration of the elementary file 541 and theapplication identifier 542 may be the same as described above.

The application code may include classification information that mayclassify types of the at least one or more profiles 511, 521, 522, and531, and the types of the at least one or more profiles may include aprovisioning profile 511 type, an operational profile 521 or 522 type,and an operational profile 521 or 522 type containing data of theprovisioning profile 511.

The application code of the proprietary application identifier extension(PIX) 544 may include profile type information, that is, informationindicating any one of a provisioning profile 511 and an operationalprofile 521 or 522. In addition, the application code may includeinformation indicating a case in which the operational profile 521 or522 is also used as the provisioning profile 511. In addition, theapplication code may define the profile type information and otherinformation together. For example, any application code may define thatthe profile type is the provisioning profile 511 and a network accessapplication (NAA) is a USIM.

The country code and the application provider code may include a countrycode and a provider (or operator) code of a provider of a correspondingprofile. The terminal may recognize ADFs that are composed of the sameprofile type, country code, and application provider code as oneprofile. However, an ADF being the operational profile 521 or 522provided as the provisioning profile 511 may be considered as theoperational profile 521 or 522 although the application code value maybe different from an application code value of the ADF provided as theoperational profile 521 or 522.

The application provider field option may include profile typeinformation, that is, information indicating a provisioning profile 511or any one of operational profiles 521 and 522. In addition, theapplication code may include information indicating a case in which theoperational profile 521 or 522 is also used as the provisioning profile511. In addition, the application provider field option may define theprofile type information and other information together.

Although several aspects of the exemplary embodiments have beendiscussed herein with regard to a specific device, it will be obviouslyunderstood that the aspects may be utilized in a corresponding method.Here, steps of the method correspond to components of the device.According to certain implementations, exemplary embodiments may beimplemented in hardware or software. Exemplary embodiments may beperformed as a computer program product including program codes thatexecute any one of the above methods.

While the exemplary embodiments and their advantages have been describedin detail, it should be understood that various changes, substitutions,and alterations may be made herein without departing from the scope ofthe invention.

1. A mobile communication terminal device comprises: a subscriberidentity module having at least one or more profiles; a networkauthenticator configured to perform an authentication procedure for acommunication network based on a provisioning profile among the at leastone or more profiles and receive authentication completion informationfrom an operator server of the communication network; and a networkcommunicator configured to access the communication network based on theauthentication completion information and receive a service from theoperator server based on an operational profile corresponding to anoperator of the communication network among the at least one or moreprofiles.
 2. The mobile communication terminal device of claim 1,further comprising a profile selector configured to select theprovisioning profile and the operational profile based on an elementaryfile including attribute information related to the at least one or moreprofiles.
 3. The mobile communication terminal device of claim 2,wherein the attribute information comprises an application identifierfor identifying the at least one or more profiles.
 4. The mobilecommunication terminal device of claim 3, wherein the applicationidentifier comprises a registered application provider identifier (RID)and a proprietary application identifier extension (PIX), and theproprietary application identifier extension (PIX) comprises at leastone from among an application code, a country code, an applicationprovider code, and an application provider field option.
 5. The mobilecommunication terminal device of claim 4, wherein the application codecomprises classification information for classifying types of the atleast one or more profiles.
 6. The mobile communication terminal deviceof claim 5, wherein the types of the at least one or more profilescomprise a provisioning profile type, an operational profile type, andan operational profile type containing data of the provisioning profile.7. A subscriber identity device embedded in a mobile communicationterminal device that accesses a communication network using at least oneor more profiles, the subscriber identity device comprising: a firststorage configured to store at least one provisioning profile havingauthentication information related to the communication network; asecond storage configured to store at least one operational profilehaving service access information used to receive a service of thecommunication network; and an elementary file storage configured tostore an elementary file having attribute information related to the atleast one profile used to select at least one profile.
 8. The subscriberidentity device of claim 7, further comprising a third storageconfigured to store at least one user profile having user information ofthe mobile communication terminal device.
 9. The subscriber identitydevice of claim 7, wherein the at least one provisioning profile and theat least one operational profile are selected based on the elementaryfile including attribute information related to the at least one or moreprofiles.
 10. The subscriber identity device of claim 9, wherein theattribute information comprises application identifier information,application label information, and application state information for anyprofile among the at least one or more profiles.
 11. The subscriberidentity device of claim 10, wherein, the application identifierinformation comprises an application identifier (AID) for identifyingany profile, and the application identifier comprises a registeredapplication provider identifier (RID) and a proprietary applicationidentifier extension (PIX).
 12. The subscriber identity device of claim11, wherein the proprietary application identifier extension comprisesat least one from among an application code, a county code, anapplication provider code, and an application provider field option. 13.The subscriber identity device of claim 12, wherein the application codecomprises classification information for classifying types of the atleast one or more profiles.
 14. The subscriber identity device of claim13, wherein the types of the at least one or more profiles comprise aprovisioning profile type, an operational profile type, and anoperational profile type containing data of a provisioning profile. 15.A method of accessing a communication network using at least one or moreprofiles comprised in a subscriber identity module, the methodcomprising: performing an authentication procedure for the communicationnetwork based on a provisioning profile among the at least one or moreprofiles and receiving authentication completion information from anoperator server of the communication network; and accessing thecommunication network based on the authentication completion informationand receiving a service from the operator server based on an operationalprofile corresponding to an operator of the communication network amongthe at least one or more profiles.
 16. The method of claim 15, furthercomprising, before the receiving of the authentication completioninformation, selecting the provisioning profile and the operationalprofile based on an elementary file including attribute informationrelated to the at least one or more profiles.
 17. The method of claim15, wherein the attribute information comprises an applicationidentifier for identifying the at least one or more profiles.
 18. Themethod of claim 17, wherein, the application identifier comprises aregistered application provider identifier (RID) and a proprietaryapplication identifier extension (PIX), and the proprietary applicationidentifier extension (PIX) comprises at least one from among anapplication code, a country code, an application provider code, and anapplication provider field option.
 19. The method of claim 18, whereinthe application code comprises classification information forclassifying types of the at least one or more profiles.
 20. The methodof claim 19, wherein the types of the at least one or more profilescomprise a provisioning profile type, an operational profile type, andan operational profile type containing data of a provisioning profile.21. The mobile communication terminal device of claim 1, wherein theoperational profile serves as the provisioning profile if there is noactual provisioning profile.
 22. The subscriber identity device of claim7, wherein the at least one operational profile serves as the at leastone provisioning profile if there is no actual provisioning profile. 23.The method of claim 15, wherein the operational profile serves as theprovisioning profile if there is no actual provisioning profile.